search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Translation for 3.20.11
[koha.git] / t / Auth_with_shibboleth.t
blob8df880fa67ec788c0d7d56c5ef11924d93e1923e
1 #!/usr/bin/perl
2
3 # This file is part of Koha.
4 #
5 # Koha is free software; you can redistribute it and/or modify it
6 # under the terms of the GNU General Public License as published by
7 # the Free Software Foundation; either version 3 of the License, or
8 # (at your option) any later version.
9 #
10 # Koha is distributed in the hope that it will be useful, but
11 # WITHOUT ANY WARRANTY; without even the implied warranty of
12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 # GNU General Public License for more details.
14 #
15 # You should have received a copy of the GNU General Public License
16 # along with Koha; if not, see <http://www.gnu.org/licenses>.
17
18 use Modern::Perl;
19
20 use Module::Load::Conditional qw/check_install/;
21 use Test::More;
22 use Test::MockModule;
23 use Test::Warn;
24
25 use CGI;
26 use C4::Context;
27
28 BEGIN {
29 if ( check_install( module => 'Test::DBIx::Class' ) ) {
30 plan tests => 11;
31 } else {
32 plan skip_all => "Need Test::DBIx::Class"
33 }
34 }
35
36 use Test::DBIx::Class { schema_class => 'Koha::Schema', connect_info => ['dbi:SQLite:dbname=:memory:','',''] };
37
38 # Mock Variables
39 my $matchpoint = 'userid';
40 my %mapping = ( 'userid' => { 'is' => 'uid' }, );
41 $ENV{'uid'} = "test1234";
42
43 # Setup Mocks
44 ## Mock Context
45 my $context = new Test::MockModule('C4::Context');
46
47 ### Mock ->config
48 $context->mock( 'config', \&mockedConfig );
49
50 sub mockedConfig {
51 my $param = shift;
52
53 my %shibboleth = (
54 'matchpoint' => $matchpoint,
55 'mapping' => \%mapping
56 );
57
58 return \%shibboleth;
59 }
60
61 ### Mock ->preference
62 my $OPACBaseURL = "testopac.com";
63 $context->mock( 'preference', \&mockedPref );
64
65 sub mockedPref {
66 my $param = $_[1];
67 my $return;
68
69 if ( $param eq 'OPACBaseURL' ) {
70 $return = $OPACBaseURL;
71 }
72
73 return $return;
74 }
75
76 ## Mock Database
77 my $database = new Test::MockModule('Koha::Database');
78
79 ### Mock ->schema
80 $database->mock( 'schema', \&mockedSchema );
81
82 sub mockedSchema {
83 return Schema();
84 }
85
86 ## Convenience method to reset config
87 sub reset_config {
88 $matchpoint = 'userid';
89 %mapping = ( 'userid' => { 'is' => 'uid' }, );
90 $ENV{'uid'} = "test1234";
91
92 return 1;
93 }
94
95 # Tests
96 ##############################################################
97
98 # Can module load
99 use_ok('C4::Auth_with_shibboleth');
100 $C4::Auth_with_shibboleth::debug = '0';
101
102 # Subroutine tests
103 ## shib_ok
104 subtest "shib_ok tests" => sub {
105 plan tests => 5;
106 my $result;
107
108 # correct config, no debug
109 is( shib_ok(), '1', "good config" );
110
111 # bad config, no debug
112 $matchpoint = undef;
113 warnings_are { $result = shib_ok() }
114 [ { carped => 'shibboleth matchpoint not defined' }, ],
115 "undefined matchpoint = fatal config, warning given";
116 is( $result, '0', "bad config" );
117
118 $matchpoint = 'email';
119 warnings_are { $result = shib_ok() }
120 [ { carped => 'shibboleth matchpoint not mapped' }, ],
121 "unmapped matchpoint = fatal config, warning given";
122 is( $result, '0', "bad config" );
123
124 # add test for undefined shibboleth block
125
126 reset_config();
127 };
128
129 ## logout_shib
130 #my $query = CGI->new();
131 #is(logout_shib($query),"https://".$opac."/Shibboleth.sso/Logout?return="."https://".$opac,"logout_shib");
132
133 ## login_shib_url
134 my $query_string = 'language=en-GB';
135 $ENV{QUERY_STRING} = $query_string;
136 $ENV{SCRIPT_NAME} = '/cgi-bin/koha/opac-user.pl';
137 my $query = CGI->new($query_string);
138 is(
139 login_shib_url($query),
140 'https://testopac.com'
141 . '/Shibboleth.sso/Login?target='
142 . 'https://testopac.com/cgi-bin/koha/opac-user.pl' . '%3F'
143 . $query_string,
144 "login shib url"
145 );
146
147 ## get_login_shib
148 subtest "get_login_shib tests" => sub {
149 plan tests => 4;
150 my $login;
151
152 # good config
153 ## debug off
154 $C4::Auth_with_shibboleth::debug = '0';
155 warnings_are { $login = get_login_shib() }[],
156 "good config with debug off, no warnings recieved";
157 is( $login, "test1234",
158 "good config with debug off, attribute value returned" );
159
160 ## debug on
161 $C4::Auth_with_shibboleth::debug = '1';
162 warnings_are { $login = get_login_shib() }[
163 "koha borrower field to match: userid",
164 "shibboleth attribute to match: uid",
165 "uid value: test1234"
166 ],
167 "good config with debug enabled, correct warnings recieved";
168 is( $login, "test1234",
169 "good config with debug enabled, attribute value returned" );
170
171 # bad config - with shib_ok implemented, we should never reach this sub with a bad config
172 };
173
174 ## checkpw_shib
175 subtest "checkpw_shib tests" => sub {
176 plan tests => 13;
177
178 my $shib_login;
179 my ( $retval, $retcard, $retuserid );
180
181 # Setup Mock Database Data
182 fixtures_ok [
183 'Borrower' => [
184 [qw/cardnumber userid surname address city/],
185 [qw/testcardnumber test1234 renvoize myaddress johnston/],
186 ],
187 ],
188 'Installed some custom fixtures via the Populate fixture class';
189
190 # debug off
191 $C4::Auth_with_shibboleth::debug = '0';
192
193 # good user
194 $shib_login = "test1234";
195 warnings_are {
196 ( $retval, $retcard, $retuserid ) = checkpw_shib( $shib_login );
197 }
198 [], "good user with no debug";
199 is( $retval, "1", "user authenticated" );
200 is( $retcard, "testcardnumber", "expected cardnumber returned" );
201 is( $retuserid, "test1234", "expected userid returned" );
202
203 # bad user
204 $shib_login = 'martin';
205 warnings_are {
206 ( $retval, $retcard, $retuserid ) = checkpw_shib( $shib_login );
207 }
208 [], "bad user with no debug";
209 is( $retval, "0", "user not authenticated" );
210
211 # debug on
212 $C4::Auth_with_shibboleth::debug = '1';
213
214 # good user
215 $shib_login = "test1234";
216 warnings_exist {
217 ( $retval, $retcard, $retuserid ) = checkpw_shib( $shib_login );
218 }
219 [ qr/checkpw_shib/, qr/User Shibboleth-authenticated as:/ ],
220 "good user with debug enabled";
221 is( $retval, "1", "user authenticated" );
222 is( $retcard, "testcardnumber", "expected cardnumber returned" );
223 is( $retuserid, "test1234", "expected userid returned" );
224
225 # bad user
226 $shib_login = "martin";
227 warnings_exist {
228 ( $retval, $retcard, $retuserid ) = checkpw_shib( $shib_login );
229 }
230 [
231 qr/checkpw_shib/,
232 qr/User Shibboleth-authenticated as:/,
233 qr/not a valid Koha user/
234 ],
235 "bad user with debug enabled";
236 is( $retval, "0", "user not authenticated" );
237
238 };
239
240 ## _get_uri
241 $OPACBaseURL = "testopac.com";
242 is( C4::Auth_with_shibboleth::_get_uri(),
243 "https://testopac.com", "https opac uri returned" );
244
245 $OPACBaseURL = "http://testopac.com";
246 my $result;
247 warning_is { $result = C4::Auth_with_shibboleth::_get_uri() }
248 'Shibboleth requires OPACBaseURL to use the https protocol!',
249 "improper protocol - received expected warning";
250 is( $result, "https://testopac.com", "https opac uri returned" );
251
252 $OPACBaseURL = "https://testopac.com";
253 is( C4::Auth_with_shibboleth::_get_uri(),
254 "https://testopac.com", "https opac uri returned" );
255
256 $OPACBaseURL = undef;
257 warning_is{ $result = C4::Auth_with_shibboleth::_get_uri() }
258 'OPACBaseURL not set!',
259 "undefined OPACBaseURL - received expected warning";
260 is( $result, "https://", "https opac uri returned" );
261
262 ## _get_shib_config
263 # Internal helper function, covered in tests above
Koha ILS